Hypervisor and its security

A hypervisor allows multiple OSes to share a single hardware host, with the appearance of each host having exclusive use of resources.

Type I

1. Known as a bare metal, embedded or native hypervisor.

2. Works directly with the hardware and can monitor the overlying guest OS.

3. Smaller and faster; primarily manages the sharing of hardware between the guest OSes.

4. Examples: VMware ESX, Xen, MS Hyper-V

Type II

1. Installed "on top" of the guest OS.

2. Dependent upon the host OS.

3. More vulnerable.

4. Examples: VMware Workstation, VirtualBox, MS Virtual PC

Security:

1. Type I hypervisors significantly reduce the attack surface. Hypervisor vendors have control over the relevant software that comprises and forms the hypervisor package, reducing the likelihood of malicious code being introduced at the hypervisor function.

2. Type II hypervisors have greater vulnerability since they are OS based. Numerous vulnerabilities exist within various OSes, opening up additional opportunities for attack.

Securing the Hypervisor:

1. Install all updates to the hypervisor as they are released by the vendor. Centralized patch management solutions can also be used to administer updates.

2. Restrict administrative access to the management interfaces of the hypervisor.

3. Protect all management communication channels using a dedicated management network.

4. Synchronize the virtualized infrastructure to a trusted authoritative time server.

5. Disconnect unused physical hardware from the host system (e.g. external drives, NICs).

6. Disable all hypervisor services such as clipboard or file sharing between the guest OS and the host OS unless they are needed.

7. Consider using introspection capabilities to monitor the security of each guest OS and their interactions.

8. Carefully monitor the hypervisor itself for signs of compromise. This includes using the self-integrity monitoring capabilities that hypervisors may provide, as well as monitoring and analyzing hypervisor logs on an ongoing basis.
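
Item 6 can be checked mechanically on VMware products, where guest/host clipboard, drag-and-drop and shared-folder (HGFS) features are controlled by `isolation.tools.*` entries in each VM's .vmx file. The audit script below is an added example, not part of the original post; the sample configuration is constructed, and treating an absent key as a finding is an assumption made here because defaults differ between products and versions.

```python
# Added example: audit a VMware .vmx file for guest/host sharing features (item 6).
import re

# Hardened values for VMware's isolation settings (clipboard, drag-and-drop, HGFS).
REQUIRED = {
    "isolation.tools.copy.disable": "TRUE",
    "isolation.tools.paste.disable": "TRUE",
    "isolation.tools.dnd.disable": "TRUE",
    "isolation.tools.hgfsServerSet.disable": "TRUE",
}

# A .vmx line has the form: key = "value"
LINE_RE = re.compile(r'^\s*([A-Za-z0-9_.:]+)\s*=\s*"(.*)"\s*$')

def parse_vmx(text):
    """Return {lower-cased key: value}; a later duplicate overrides an earlier one."""
    settings = {}
    for line in text.splitlines():
        if line.lstrip().startswith("#"):
            continue  # skip comment lines
        m = LINE_RE.match(line)
        if m:
            settings[m.group(1).lower()] = m.group(2)
    return settings

def audit_vmx(text):
    """Return a sorted list of (key, problem) findings; empty means hardened."""
    settings = parse_vmx(text)
    findings = []
    for key, want in REQUIRED.items():
        # Keys are compared case-insensitively so differently-cased entries are not missed.
        got = settings.get(key.lower())
        if got is None:
            # Assumption: an absent key is reported, since defaults vary by product.
            findings.append((key, "not set"))
        elif got.upper() != want:
            findings.append((key, f'set to "{got}", expected "{want}"'))
    return sorted(findings)

# Constructed sample configuration, not taken from a real VM.
SAMPLE_VMX = '''\
.encoding = "UTF-8"
displayName = "build-agent-01"
isolation.tools.copy.disable = "TRUE"
isolation.tools.paste.disable = "false"
isolation.tools.dnd.disable = "TRUE"
'''

if __name__ == "__main__":
    for key, problem in audit_vmx(SAMPLE_VMX):
        print(f"FINDING {key}: {problem}")
```

Run against every VM's .vmx file from a scheduled job, an empty result list means the sharing features in item 6 are explicitly disabled for that guest.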
